Epinnoia
|
|
June 21, 2011, 11:31:16 PM |
|
You also place an inordinate amount of trust on the jail system of the OS -- making sure that the various virtual machines can't see each other across the harddrive(s) they share.
They don't share any hard drives. In fact each virtual machine has their own install of an OS and they can't mount other volumes from the host machine. And lastly, you'd be sharing SQL database access with everyone else on the virtual machine. That could open up vulnerabilities if permissions are not exactly right.
No. Each machine runs their own services. Each VM will have a web server, sql, etc or whatever else the operator wants. I don't think you are correct. They only appear to be separate services. And the hard drives are typically jailed in such a way as to APPEAR to be multiple instances of the os. Appearance is NOT reality.
|
|
|
|
sakkaku
|
|
June 21, 2011, 11:31:29 PM |
|
If you successfully compiled or uploaded a packet sniffer on virtual machine #1, it will sniff packets for every other virtual machine on that box.
Each virtual machine is bound to their own IP address so you can't listen to other machines on the same box. You however could listen to any broadcasts on the local network, or anything else a bare metal server could do. It is the same physical card in the same physical machine. C++ is quite powerful. Except you don't have access to the device. In a VM you have a virtualized device you interact with and the host OS forward packets from the hardware. Saying a language is powerful is pointless. Most are touring complete so you can accomplish the same task in any of them.
|
|
|
|
Chick
Member
Offline
Activity: 70
Merit: 10
|
|
June 21, 2011, 11:32:58 PM |
|
Do they mine with their hosting server?
Definitely, because every web server has five 6990s ready to start mining!
|
|
|
|
unbuttered_toast
Newbie
Offline
Activity: 47
Merit: 0
|
|
June 21, 2011, 11:33:14 PM |
|
Unless they prove them self or have someone as a security expert, it will be much safer for them to use shared hosting rather than a VPS/dedicated server.
This is kind of like saying, "If they're losing, they've lost."
|
|
|
|
Epinnoia
|
|
June 21, 2011, 11:33:20 PM |
|
If you successfully compiled or uploaded a packet sniffer on virtual machine #1, it will sniff packets for every other virtual machine on that box.
Each virtual machine is bound to their own IP address so you can't listen to other machines on the same box. You however could listen to any broadcasts on the local network, or anything else a bare metal server could do. It is the same physical card in the same physical machine. C++ is quite powerful. Except you don't have access to the device. In a VM you have a virtualized device you interact with and the host OS forward packets from the hardware. Saying a language is powerful is pointless. Most are touring complete so you can accomplish the same task in any of them. I don't need access to the device. I need access to the memory. Or are you going to tell me that they have separate memory sticks too? No OS is 100% secure. And once you start sharing the machine with other people, your level of control and security lowers. That's just a fact. Have you had access to the root account on a VPM? The view is quite a bit different.
|
|
|
|
bitclown
|
|
June 21, 2011, 11:34:42 PM |
|
Their site can obviously handle no more traffic than Susie's Geocities page about beanie babies.
Um, Geocities was once the biggest hosting provider on this planet. They had plenty of resources. Also, no shared hosting services offers bitcoind, which is quite essential for operating a BTC exchange. I deem this rumor silly.
|
|
|
|
sakkaku
|
|
June 21, 2011, 11:36:48 PM |
|
If you successfully compiled or uploaded a packet sniffer on virtual machine #1, it will sniff packets for every other virtual machine on that box.
Each virtual machine is bound to their own IP address so you can't listen to other machines on the same box. You however could listen to any broadcasts on the local network, or anything else a bare metal server could do. It is the same physical card in the same physical machine. C++ is quite powerful. Except you don't have access to the device. In a VM you have a virtualized device you interact with and the host OS forward packets from the hardware. Saying a language is powerful is pointless. Most are touring complete so you can accomplish the same task in any of them. I don't need access to the device. I need access to the memory. Or are you going to tell me that they have separate memory sticks too? Go ahead and write to the memory, you wont be able to address it so it is pointless. Just because you can compile a program on a machine doesn't mean you can access a device without root access.
|
|
|
|
Epinnoia
|
|
June 21, 2011, 11:38:09 PM Last edit: June 21, 2011, 11:49:06 PM by Epinnoia |
|
Go ahead and write to the memory, you wont be able to address it so it is pointless. Just because you can compile a program on a machine doesn't mean you can access a device without root access.
So you're telling me that I can't intentionally write beyond my own memory pointers in C++ on a VPM? Nonsense. The physical machine is shared. It is only a PROGRAM on the OS that makes it appear to be separate machines to the various users. The root user sees the whole REAL directory structure. So the barrier between accounts is only as solid as the program controlling the access. Show me an OS that is without bugs... I ran a webhosting company for a number of years, using Ensim at the time. Another problem that is inherent to shared machines is the tendency of the OS to remain outdated well beyond what you'd settle for if you were the only person on the machine. In other words, providers don't generally do a great job of keeping the OS as up to date as they should. The techs in those centers have an install disk that simply doesn't get updated as fast as updates are available.
|
|
|
|
sakkaku
|
|
June 21, 2011, 11:42:00 PM |
|
So you're telling me that I can't intentionally write beyond my own memory pointers in C++ on a VPM? Nonsense.
You can't even do that on most modern OSs. Write a program and try to write outside of the programs bounds and see what happens.
|
|
|
|
kokojie
Legendary
Offline
Activity: 1806
Merit: 1003
|
|
June 21, 2011, 11:48:26 PM |
|
Dedicated server is old school, nowadays you want VPS or cluster, both allowing instant scaling, not the dedicated crap.
|
btc: 15sFnThw58hiGHYXyUAasgfauifTEB1ZF6
|
|
|
Epinnoia
|
|
June 21, 2011, 11:55:20 PM |
|
So you're telling me that I can't intentionally write beyond my own memory pointers in C++ on a VPM? Nonsense.
You can't even do that on most modern OSs. Write a program and try to write outside of the programs bounds and see what happens. That's odd. I was under the impression that many exploits use this very method, as well as stack overflows. Anyhow, I am not going to debate this further. Today's modern OSes might be as impossible to crack as the Nazi Enigma code... Hmmm...
|
|
|
|
martinw79
Member
Offline
Activity: 94
Merit: 10
|
|
June 22, 2011, 01:03:37 AM |
|
inetnum: 46.21.104.0 - 46.21.105.255 netname: GLESYS-CUSTOMER-SERVERS descr: Customer VPS services located in Falkenberg, Sweden
Domain Name: 46-21-104-237-static.serverhotell.net Location: Falkenberg, Sweden Country Flag
|
___________________ MW79
|
|
|
bbjansen
Newbie
Offline
Activity: 14
Merit: 0
|
|
June 22, 2011, 01:05:11 AM |
|
|
|
|
|
elggawf
|
|
June 22, 2011, 01:21:31 AM |
|
That's odd. I was under the impression that many exploits use this very method, as well as stack overflows. Your problem is you're "under the impression" but you don't really understand the workings of things you're trying to argue about. Anyhow, I am not going to debate this further. Today's modern OSes might be as impossible to crack as the Nazi Enigma code... Hmmm... There are bugs in virtualization layers, but it's not simply a case of fire up C++ and write to some arbitrary location and boom you have baremetal access to the entire box.
|
^_^
|
|
|
Bit_Happy
Legendary
Offline
Activity: 2114
Merit: 1040
A Great Time to Start Something!
|
|
June 22, 2011, 01:45:35 AM |
|
Unless they prove them self or have someone as a security expert, it will be much safer for them to use shared hosting rather than a VPS/dedicated server.
Why is that? How is shared hosting safer than VPS or a dedicated server? I don't know much about these things but I have been told that if you have a shared hosting account your site is more or less only as secure as any other site sharing that server. If the file permissions (and DB's) are set up accurately, then security can be as good as other options. With shared hosting you can never have a busy site, that is a huge issue.
|
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
June 22, 2011, 01:46:59 AM |
|
It is the same physical card in the same physical machine. C++ is quite powerful.
Even a dedicated machine uses the same physical network interface on the same router. If sharing network hardware were a problem, every system on the Internet would have it. And yes, C++ is very powerful. So what?
|
I am an employee of Ripple. Follow me on Twitter @JoelKatz 1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
sakkaku
|
|
June 22, 2011, 02:04:10 AM |
|
There are actually worst hosts like bluehost. Chances are if they list UNLIMITED bandwidth, disk space, etc they are retardedly overcrowded and will disable your site once it gets hit by more then a small breeze.
|
|
|
|
martinw79
Member
Offline
Activity: 94
Merit: 10
|
|
June 22, 2011, 02:08:12 AM |
|
Has anyone seen this floating around today, sure hope is false;
--tradehill bitcoin exchange user/hash passes out now
pastebin
|
___________________ MW79
|
|
|
sakkaku
|
|
June 22, 2011, 02:11:11 AM |
|
Has anyone seen this floating around today, sure hope is false;
--tradehill bitcoin exchange user/hash passes out now
pastebin
That is some guy looking for an idiot to scam.
|
|
|
|
|